Skip to content
Permalink
Browse files

HttpExtension: removed option 'sameSiteProtection', cookie 'nette-sam…

…esite' is always set
  • Loading branch information...
dg committed Mar 9, 2019
1 parent ae60d63 commit 9c49a4968f3984d15b6ce2bdd28df06079aa957b
Showing with 1 addition and 4 deletions.
  1. +1 −4 src/Bridges/HttpDI/HttpExtension.php
@@ -29,7 +29,6 @@ class HttpExtension extends Nette\DI\CompilerExtension
'cspReportOnly' => [], // Content-Security-Policy-Report-Only
'featurePolicy' => [], // Feature-Policy
'cookieSecure' => 'auto', // true|false|auto Whether the cookie is available only through HTTPS
'sameSiteProtection' => true, // activates Request::isSameSite() protection
];
/** @var bool */
@@ -133,9 +132,7 @@ public function afterCompile(Nette\PhpGenerator\ClassType $class)
}
}
if (!empty($config['sameSiteProtection'])) {
$code[] = Helpers::formatArgs('$response->setCookie(...?);', [['nette-samesite', '1', 0, '/', null, null, true, 'Strict']]);
}
$code[] = Helpers::formatArgs('$response->setCookie(...?);', [['nette-samesite', '1', 0, '/', null, null, true, 'Strict']]);
$initialize->addBody("(function () {\n\t" . implode("\n\t", $code) . "\n})();");
}

0 comments on commit 9c49a49

Please sign in to comment.
You can’t perform that action at this time.